Dave Combs | Enterprise efforts are in tune at USDA

Interview with Agriculture CIO Dave Combs

By GCN Staff

Mar 02, 2006

Agriculture CIO Dave Combs, who took the reins last summer, has had a career as varied as USDA’s business lines. He was an industry IT executive—he spent 20 years with AT&T Corp. in North Carolina—music producer and composer before coming to USDA’s Rural Development agency in 2002. His instrumental, “Rachel’s Song,” topped easy-listening charts in the mid-1980s, and he has written or produced 15 albums.

As CIO, he’s finding some common ground across the disparate operations of one of the largest and most decentralized federal departments. USDA has business spanning research, geospatial, health care, bioterror, commodities and recreation.

Combs’ music shows how one person can affect the lives of many people. “What we do at Agriculture also virtually touches every American,” he said.

GCN: The Office of Management and Budget keeps increasing reporting requirements, such as security and financial management. Is it getting burdensome for CIOs?

COMBS: I look at it as a process of continuous improvement. Our monthly, quarterly and annual reporting on elements of [the] President’s Management Agenda, security and internal controls just go with the territory of managing a good IT organization. We also are raising the bar internally at USDA. We issue a 12-element scorecard on security to every USDA agency so they know where they’re falling short. When you institute a reporting and scorecard process, you make things transparent. People pay attention, and things happen. Because of the volume of the metrics to report, USDA agencies are looking at tools to automate reporting and to have a shared database or common reporting mechanism.

GCN: How are your IT security efforts progressing?

COMBS: IT security ties in with efforts on internal controls under OMB’s revised Circular A-123. IT security is a centerpiece of that effort because all the financial systems and feeder systems need to have this tightly controlled environment. We have a major effort with USDA’s cybersecurity organization performing pre-audits before [the] department inspector general and outside auditors perform theirs. The major A-123 milestone is June 30, when the department secretary must attest to the fact that USDA has internal controls in place. We have a senior executive team and a workgroup under them, who meet at least weekly to assure internal controls.

A-123 is connected with IT certification and accreditation in that it raises the bar for us to go back and audit those systems that were [certified and accredited]. My cybersecurity officer looks under the hood and what he finds must be fixed before he approves the C&A documents and the IG reviews and signs off on it.

GCN: Speaking of A-123, OMB controller Linda Combs is your wife. How do you two handle be-ing married and having high-profile positions?

COMBS: Our current jobs are complementary, and we have a wonderful complementary relationship. A lot of my work deals with financial management at USDA, and A-123 controls [are] a large part of that. It’s wonderful to have a live-in consultant.

GCN: How has an enterprise architecture led Agriculture to plan for more enterprisewide systems?

COMBS: We use our enterprise architecture as our road map for where we want to get to—to migrate systems from agency-specific to enterprisewide and, where possible, governmentwide.

The best example of that is Homeland Security Presidential Directive-12, where the federal government will credential and provide identification for all federal employees. USDA is taking a lead role with partners in developing standards and common approaches to credentialing for HSPD-12. E-authentication will be a piece of HSPD-12 as we get into the integration of smart cards.

GCN: Agriculture has led in implementing e-authentication. How is that advancing?

COMBS: USDA, which is one of the federal e-authentication providers, got its first customer in December. The Commerce Department integrated USDA’s e-authentication service into the Exports.gov [international trade portal]. USDA has 167 applications integrated with e-authentication and 53 of them interface with the public. We’re trying to get to a single-sign-on capability. E-authentication cuts across every agency in Agriculture—for example, through use of AgLearn for yearly security and ethics training. We have 76,000 external USDA customers and 88,000 employees who have credentials.

GCN: Agriculture is very decentralized. Do you want to centralize IT budget authority to standardize and reduce costs?

COMBS: That becomes a legislative and political question. We already have budget review authority, which we exercise through our capital planning and investment control process. We look at investments and business cases and have a waiver process, in which projects costing more than $25,000 must be approved by the CIO’s office. We review each investment against our enterprise architecture for security, duplication and return on investment.

GCN: Where is the Agriculture Department on IT consolidation?

COMBS: The IT consolidation of the Natural Resources Conservation Service, the Farm Service and Rural Development agencies at the county office level recently celebrated its one-year anniversary. We are looking at ways to use a common computing environment for other agencies.

For example, we will migrate to a common e-mail system, Microsoft Exchange, over [the next] 18 months, by June 30, 2007, from three e-mail platforms. We’re also looking at desktop and local area network support, which we will approach as a team.About 22 IT professionals lead USDA agencies, and we meet twice a month to collectively map out the best migration and will set milestones. If we do the e-mail migration successfully, we can build upon that teamwork and have a better chance of succeeding at desktop support.

GCN: Is Agriculture beginning to see savings yet from the IT consolidation of the three service agencies?

COMBS: This is the watershed year where we peak on using a mix of the old and new systems. What we’re seeing now is cost avoidance. We have a common platform, and as new systems come along, they will run on that platform. There are anecdotes of improved customer service, because farmers and ranchers have just one office to go to for services instead of three.